I engineer minimal and auditable utilities for mission-critical, constrained environments. My work focuses on bridging the gap between amnesic systems and persistent security requirements, specializing in low-level execution and system hardening.
- Amnesic Persistence: Crafting automation for TailsOS without breaking the amnesic threat model.
- Low-Level Hardening: Custom
nftablesimplementations, kernel-level parameter tuning, and memory isolation. - Auditable Scripting:
Shellcheck-clean, POSIX-compliant, and side-effect-free codebases. - Stateless Workflows: Developing tools for ephemeral, live-boot, and air-gapped setups.
| Project | Stage | Focus / Stack |
|---|---|---|
rozh-security-kit |
R&D | C++, Python, ASM, Exploit Mitigation |
mem-injector |
Alpha | C, GDB, Process Tracing |
tails-hardener |
Stable | Bash, nftables, sysctl |
Trust but Verify. > All releases are signed with my PGP key. Use the links below to inspect the source or verify my identity.
"Defaults matter. The first line of defense is a system that forgets everything but the rules you gave it."